KEY TAKEAWAYS

Anti-Money Laundering

9th Annual Summit (India) 2019

MumbaiNovember 7 - 8, 2019

In its 9th year, India’s flagship conference on Anti-Money Laundering andCountering Financing of Terrorism (AML/CFT) was held over two days inMumbai – on 7th and 8th November 2019 at the Holiday InnInternational Airport Hotel.

Fintelekt’s AML 9th Annual Summit (India) 2019 aimed to contribute tothe dialogue towards strengthening AML compliance in the country byfacilitating interactions among stakeholders including the FIU India,reporting entities, technology suppliers and academia.

A strong cross-sectoral focus was the theme for the Summit in 2019, witha variety of issues discussed across banking, mutual funds, NBFCs,insurance and other financial services sectors, providing knowledge andnetworking opportunities within AML/CFT to participants across thebanking and financial services industry in India.

Among the key takeaways from the two-day Summit was the need for acollective response to financial crime and money laundering activitiesthrough greater information sharing and public-private partnerships.Cybercrime, sanctions and wildlife trafficking were some of the areas thatwere highlighted as needing greater attention from the AML compliancecommunity in general.

Arpita opened the Summit byhighlighting some of theachievements of FintelektAdvisory Services over the lastyear and setting a context fordiscussions over the two days ofthe Summit.

• Fintelekt Advisory Services will launch two new face-to-face training programmeson Sanctions and Trade-Based Money Laundering in 2020.

• The second regional Asia AML/CFT Summit will be held in Taipei, Taiwan on May28, 2020.

• Fintelekt’s plan is to continue to expand the coverage of activities and build moreand more awareness around AML/CFT across banks and financial institutionsthrough training programmes, webinars and research.

Fintelekt’s AML Summit India has grown not just in terms of a consistent increase in numbers but also in terms of the number of organisations across sectors that have been participating.

Welcome NoteArpita Bedekar, Director – Marketing, Fintelekt Advisory Services

Keynote AddressPankaj Kumar Mishra, IRS, Director, Financial Intelligence Unit India (FIU-IND)

As the head of the Financial Intelligence Unit of India (FIU-IND), Mr. Mishraappealed to the AML compliance community to focus on improving thequality of reporting through timely, accurate and complete suspicioustransaction reports (STRs).

• The Ground of Suspicion (GoS) is the soul of the STR. Wrong and incompletedetails entered in GoS defeats the purpose of filing a STR.

• Timely filing of STRs will improve its actionability and the value provided to lawenforcement agencies.

• Indiscriminate filing of STRs is a practice that reporting entities need to change.The focus should shift to quality and not quantity of STRs filed.

• For filing quality STRs, financial institutions should lay more focus on KYC checksand better due diligence, including identification of beneficial ownership.Customer Due Diligence (CDD) should be repeated on a customer if a STR is filedagainst him, as the risk rating of such a customer is expected to change.

• Automated STRs are leading to errors and irrelevant data, and should be fullyreviewed and validated by the AML team before filing them with the FIU-IND.

• Alongside STRs, other reports such as Cash Transaction Reports and Cross-BorderWire Transfer Reports are equally important to law enforcement agencies as theycontain important data that can be used in conjunction with STRs and otherinformation.

• Cases of cybercrime and fraud are rising, especially with the advent of paymentsbanks and wallets. A number of institutions are often hit at the same time andused for siphoning off funds. Reporting entities should file STRs on all such casesof fraud.

Filing good quality STRs needs efforts, dedication and application of mind, and not

just resources.

James covered four importantaspects with respect to fightingfinancial crime. He discussed therisks posed by financial, traffickingand sanctions crimes, the need forpublic and private sectors to shareinformation and collaborate, theimportance of information sharingand use of technology and howfinancial crime poses a threat tothe stability of the entire financialsystem.

• Money laundering activities attract enforcement actions, impact company brandand stock prices, and result in loss of jobs and people being imprisoned.

• Current issues plaguing the financial industry globally include an exponentialincrease in proceeds from criminal activity in some regions; a greater focus on‘technical’ compliance, rather than effectiveness; the lack of information sharingbetween public and private sectors because of data protection rules; andterminated correspondent banking relations.

• There is a human cost to financial crime. Nearly 40-65 million people are victimsof modern-day slavery. These financial crimes are the result of the inability of thefinancial system to disrupt and dismantle criminal networks.

The Future of Fighting Financial CrimeJames Mirfin, Global Head of Digital Identity & Financial Crime Propositions, Refinitiv

• Common challenges faced by financial institutions while conducting due diligenceand monitoring are substantial compliance cost, rapidly evolving technology andcomplex regulatory environment.

• AML is currently considered an operational risk. Banks don’t take into account thefact that it can cause a ’run-on-the-bank’ and financial instability. Banks need toacknowledge that financial crimes pose a risk to the integrity of the entire bankingsystem.

• There is a need to promote public-private partnerships and the use of technologytowards a collective response to AML, rather than to deal with it in isolation.

Globally, we are stopping only 1% of the illicit funds

flowing through the financial system.

Prashant presented on how Machine Learning and Artificial Intelligence (AI)can be used to improve the performance of screening solutions, reducefalse positives and false negatives and the need to consider AI and MachineLearning as a part of compliance strategies.

• The use of Machine Learning and Artificial Intelligence in compliance technologyhas helped compliance analytics to reach its prime.

• Standardization of data is a big challenge because data received is incomplete, ofpoor quality, non-standard and multi-relational.

• The biggest challenge faced while customer segmentation is the “Other” category.It becomes difficult to segment customers, put them in peer groups or screenaccordingly.

• Rule-based engines are prone to high false positives. Alerts are generated in highvolumes, and large teams are required for reviewing such alerts. In the end, lessthan 1% of the alerts generated are actually converted to STRs/SARs.

• If AI and Machine learning are used, it leaves analysts with more time to detectnew and relevant patterns and focus on cases that lead to filing of STRs.

• AI systems must be constantly retrained and recalibrated. One single technique isnot enough to solve a problem.

Reducing False Positives using AI based FrameworksPrashant Muddu, Managing Director & CEO, Jocata Financial Advisory & Technology

The industry is at a turning point where advanced AI for

AML Compliance can no longer be ignored, as the benefits far outweigh the

hurdles.

Technology enables analysts to get

relevant data to make informed and quick

decisions.

Power of Data and Technology in AML ComplianceChoon Hong Chua, Director – APJ Head of Compliance Solutions, Bureau van Dijk

Choon provided an overview of APAC regulatory trends and the newtechnology landscape and discussed how the use of data and technologycan help people make better and faster decisions.

• Key AML challenges faced by financial institutions include the lack of availability ofaccurate data, rapid changes in client data, unavailability of ultimate beneficialownership data, high percentage of false positives and the high cost ofcompliance.

• For trade transactions, compliance teams are responsible for conducting KYC onclient and CDD on vessel, country of origin, destination, dual-use goods, port ofcall and all parties involved. The key for them is to be able to differentiatebetween what is expected and what is actual.

• Three requisites from AML technology are efficiency (using Artificial Intelligence toaid decision making process), effectiveness (using Machine Learning on data tofine tune better quality alerts) and speed (using Robotic Process Automation toautomate and speed up mundane information retrieval process).

The panel discussed the current scenario of AML/CFT compliance in Indiaand the preparedness for the upcoming FATF mutual evaluation in 2021.The panel brought out important points that the financial industry needs towork on in the next one year.

• The modality of evaluation has undergone a change in the last few years. Earlier,evaluation was about compliance with FATF 40+9 recommendations. But now,evaluation is done in two dimensions, technical compliance and effectiveness,using criteria that are slightly more expansive and rigorous.

Panel Discussion: Making India Ready for its Next FATF Mutual Evaluation

Moderator:• Pramod Khandelwal, Faculty Member, Fintelekt Advisory Services

Panelists:• Manish Bhandari, Principal Officer AML/CFT/Sanctions Compliance,

ICICI Bank• Vikas Anand, Director – Compliance, Legal & Internal Audit, Canara

HSBC OBC Life Insurance• Dr Rajkumar Adukia, Chartered Accountant• Neelesh Sarda, Chief Compliance Officer, Aditya Birla Finance

• Understanding of AML/CFT in banks has grown exponentially in the last decade.There are various reasons for this: Increase in seriousness, with board of directorsassigning a designated director overseeing the compliance function and aPrincipal Officer directly responsible for the entire compliance function; regulatoryre-enforcement of circulars, which has helped in removing technical difficulties;regular inspections from RBI / FIU-IND and guidance that comes along with it;social media adding to knowledge of public in this regard; regular training.

• There is a huge gap in understanding of ML/TF risks in Non-Banking FinancialCompanies (NBFCs) as compared to banks. NBFCs have now started to warm toAML / CFT compliance requirements. The rapid growth in NBFC sector has maderegulators more aware of the risks involved with this sector, and are pushing forgreater compliance within this sector.

• Insurance products, as compared to banking products, are less prone to moneylaundering risks. The lock in period, compliance requirements and lower flexibilityact as deterrents for criminals to use insurance products for money laundering.Nevertheless, regulations are stricter and regular inspections have been made apart of the audit.

• Growth of CFT measures is not as steep as AML measures. CFT is still in a nascentstage, and as a percentage of STRs filed, CFT related STRs are extremely low. Banksand FIs still have a lot to work on in this aspect. India should have its own list ofdesignated individuals connected with terrorist financing available to all FIs.

• For Designated Non-Financial Businesses and Professions (DNFBPs), stringentreporting requirements need to be put in place. Any violation of PMLA noticed byDNFBPs should be directly reported to the FIU. It should also be included in thecode of ethics. The current condition can be strengthened by strengthening theexisting laws.

Risk assessment is required by common sense, to protect a company/individual from being misused and from bringing in bad business.

- Dr Rajkumar Adukia, Chartered Accountant

Nicholas highlighted recenttrends in sanctions from aregulatory and legal perspective.He gave an overview of sanctionsrisks and shared ways ofleveraging AML/CFT for sanctionscompliance.

Mitigating the Sanctions Risk in AML ComplianceNicholas Turner, Registered Foreign Lawyer, Clifford Chance Hong Kong

Sanctions are challenging, useful and are related to

current events. They affect countries globally and have

to be looked at from the point of view of the political

situation, with a group of countries involved.

• While looking at a transaction to comply with OFAC sanctions, the following pointsneed to be considered: who is involved, what are the legal vehicles, what is theirrelation to the US financial system.

• The five territories that are subject to comprehensive OFAC sanctions (embargoes)are Crimea, Cuba, Iran, North Korea and Syria.

• Most other OFAC Sanctions programs are list based programs, and only theindividuals and companies on the list are subject to OFAC sanctions.

• OFAC sanctions apply to sanctioned persons as well as any entity that is owned50% or more by one or more sanctioned persons.

• With the use of secondary sanctions, US government discourages non-US entitiesand individuals from engaging in activities that are contrary to US foreign policy ornational security objectives, principally used against countries such as Iran, NorthKorea, Russia and Syria.

• The five key elements of the framework of OFAC Compliance Commitmentsinclude: Senior Management Commitment, Sanctions Risk Assessment, InternalControls, Testing and Auditing, Training.

• OFAC encourages a “risk-based” approach to sanctions compliance; taking intoaccount the unique risks associated with (1) customers, (2) products and services,(3) geographies, and (4) supply chains and counterparties.

Mr. Singh shared his experience in the cybercrime domain, highlighting thepositive changes the government is making towards controlling financialcrime and steps that FIs need to take to aid the government in catchingperpetrators.

Special AddressBrijesh Singh IPS, Secretary & Director General, Information & Public Relations, GoM, and Special Inspector General of Police, Cyber, Maharashtra State, Mumbai

• Identity, traceability, technology and evidence are four important considerationswhile dealing with a fraudster.

• With the help of technology, access to information has become easy for people withmalicious intent, because of the amount of information that individuals revealpublicly. However, when Law Enforcement Agencies (LEAs) wish to collect data forinvestigation purposes, it proves to be very difficult due to data privacy constraints.

• In any criminal activity, the four things that get affected are person, property,society and state. Cybercrime has the capacity to impact all four areas.

• Criminals collaborate in real time, share data and information, whereas LEAs,regulators and FIs lack the kind of correspondence that is needed to fight suchcrime. Criminals take advantage of this lacuna.

• There are two types of money mules contributing to money laundering: wittingmules (who knowingly participate) and unwitting mules (who are unaware of thecriminal quotient).

• The government is taking a lot of necessary steps to ease the process of detectingand reporting cybercrime by FIs. For eg, the government is trying to build a centralrepository where information on fraudsters submitted by various FIs will be storedand can be accessed by all FIs. Multiple online platforms have been created toreport financial crimes.

Stopping frauds that are a result of newer technology is

the responsibility of the banks and other financial institutions. Strong coding

and security processes must be put in place to protect the

customers.

The panel discussed the AML risks that banks are exposed to because ofcorrespondent banking and shared effective and practical solutions totackle risks faced by correspondent and respondent banks.

• Banks are reluctant to form correspondent banking relationships with countriesthat have weak AML regime, especially because such countries lack transparency.Returns are not high enough to justify the risk in such cases.

Panel Discussion: Overcoming AML Challenges in Correspondent Banking

Moderator:• Theresa Karunakaran, Director, Regulatory Affairs, Deutsche Bank India

Panelists:• Charan Rawat, Head of Compliance, Rabobank• Sanjeeva Murthy, Executive Vice President – Compliance & Principal

Officer, Kotak Mahindra Bank• Sharad Nair, Principal Officer and Head AML, Axis Bank• S. Swaminathan, Senior Vice President – Legal, Compliance & Company

Secretary, Tata AIA Life Insurance

• The core focus in correspondent banking is on large value transactions. It is thuspossible that smaller transactions go unnoticed.

• Due diligence done by correspondent banks has increased a lot in the last fewyears. Earlier, a relationship was formed between banks based on questionnaires.But now, correspondent banks do extra due diligence on the respondent banksbefore establishing a relationship, which include physical visit to respondentbank’s branches, interactions with Principal Officers, check of screening tools andprocesses, frequency of database updation.

• Correspondent bank relies on respondent bank’s due diligence of a customer.Thus, correspondent banks don’t really know the final customer. Thecorrespondent bank is dependent on the declaration made by the respondentbank, but the risk is shared equally by both the banks.

• Terrorism now covers both physical terrorism and cyber terrorism. FIs must focuson cyber terrorism along with identifying financing of terrorism.

• Best practices followed by banks: taking feedback from respondent banks forcases with multiple transactions or suspicious transactions; information sharingbetween banks; putting controls in place while accepting money from moneyservice businesses; being conscious about purpose of remittance; being cognizantof premature cancellations of policies/ mutual funds, especially if money isrefunded to a third party; tracking profile of a customer with the transactionhistory; pretending to cross sell a product to a customer during an Enhanced DueDiligence (EDD) process; using tools like Legal Entity Identifier (LEI), which detectssame entities holding multiple accounts; etc.

Monitoring of transactions and the trust that a respondent bank inspires in a correspondent banking relationship is critical. Hence, respondent banks must build strong

processes.– Theresa Karunakaran, Director, Regulatory Affairs, Deutsche Bank India

Sagar emphasised on the importance of keeping customer KYC up to date,lack of which leads to higher false positives and incorrect decision making.He also discussed methods of risk rating and periodic reviews.

• Risk rating and review has three parts: initial profiling of the customer, trigger orevent-based review and periodical review based on frequency.

• Types of events that should trigger an event-based review are: Static data change,Risk model or scoring profile change, STR filing, External agency inquiry, Internalred flags, etc.

• Periodic reviews consist of the following processes: Customer recertification ofKYC details, use of CKYC to prefill reviews, internal review by financial institutionand final risk rating.

• RBI guidelines allow FIs to use Central KYC (CKYC) to onboard customers.

Refresh of KYC, Risk Rating and RecertificationSagar Tanna, Co-Founder, TSS Consultancy

CKYC has made a customer’s life easy, because the hassle of redocumentation is gone.

It has enriched the FIs’ database and helps in

screening of customers.

• The risk for a financial institution is that minimum information is usually availableabout the receiver of a payment in a transaction.

• Banks work in multiple jurisdictions and are pressured to comply with multipleregulations.

• Out of the three identified parameters – i.e. customers, payments and trade, thehighest fines have been levied for violation of compliance in payment transactions.

• Payment stripping is a process by which criminals change or remove materialinformation from payments or instructions, making it difficult to identify paymentsor to connect them to sanctioned parties, individuals or countries. US regulatorsexpect systems to be in place to detect such transactions.

• With frequent regulatory updates, banks are increasingly adopting configurablesolutions that can offer complete visibility.

• While artificial intelligence (AI) is gaining prominence in the compliance domain,regulators are asking for explainable AI.

The Future of Payments Screening – Need for SpeedSuresh Vytla, Country Manager India, Accuity

Compliance costs are high, and there is a need to find a balance between being regulator compliant and

managing compliance costs.

Suresh delivered a presentationabout rapid changes in thepayments screening processes, thechallenges FIs are facing in paymentscreening and the recent trends inthis area.

The Role of the Financial Sector in Combating Wildlife Trafficking Networks and Supporting Enforcement AgenciesPrakriti Srivastava, Country Director, Wildlife Conservation Society – India

Prakriti highlighted the extent of wildlife trafficking nationally and globallyand the outcomes of such activities, and stressed on the role of thefinancial industry in identifying money flows and bringing it to the notice oflaw enforcement agencies.

• While India covers only 2.5% of the geographical area of the world, 7% - 8% of theworld’s biodiversity exists in India.

• The three key threats to natural habitats and wildlife are habitat fragmentation,human-wildlife conflict and poaching and illegal wildlife trade.

• There is sufficient evidence that wildlife crime is related to other types of crime.Money generated from poaching is being used to fund terror activities, drugtrafficking and other types of crimes.

• Entire industries have been established to create pathways for illegally killing andpoaching of wildlife. The magnitude of these crimes is so high that a handful ofpeople cannot achieve it. When criminals are caught, the masterminds of suchcrimes are still safe, and the entire organization is rarely dismantled as the crime isnot tracked from the financial aspect.

• Due consideration needs to be given to identifying patterns of money launderingfrom wildlife trafficking; establishing well-informed database of wildlife traffickersthat can be used for compliance tests; increasing awareness of how the financialindustry can combat wildlife trafficking; providing training to identify andinvestigate suspicious activity; and providing intelligence related to wildlifetrafficking to regulatory bodies and law enforcement agencies.

• FIs should aim to make it less profitable for traffickers and stop other crimes whichare fuelled by wildlife crime, thereby also saving the natural species.

There is a strong need to look at the correlation

between wildlife trafficking and misuse of financial

systems. FIs need to collaborate with wildlife NGOs to detect patterns

and help in identifying and convicting criminals involved in wildlife

trafficking.

The panel discussed requirements for UBO identification and shared bestpractices from various sub-sectors of the financial services industry.

Panel Discussion: Enhancing the Transparency of Financial Transactions: Best Practices for Ultimate Beneficial Ownership Identification for Financial Institutions

Moderator:• Debmalya Maitra, Sr Director – BFSI, Chokshi Group, Partner – Chokshi

& Co

Panelists:• Jairam Manglani, Country FCC Head and MLRO, Standard Chartered

Bank India• Praveen Mohan Dayal, Senior Vice-President AML, HSBC• Bhalchandra Joshi, Chief – Operations Excellence and Service Delivery,

Reliance Mutual Fund• Rajeev Dewal, Senior Advisor – Legal, Indian Banks’ Association

• No matter how well written an AML policy is, its effectiveness is determined by itsuse by the front end staff, and therefore training and communicating the policy tothe entire workforce is very important.

• A key challenge faced by financial institutions for UBO is the lack of independentdata, due to which a bank has to undergo a lengthy process to get information oncustomers.

• Although a centralised registry for KYC exists for the mutual funds industry, thereis no central registry for UBO.

• Controls must be put in place both by the regulators and FIs. Enabling laws shouldbe put in place, which dissuade perpetrators, and at the same time, FIs need tocreate boundaries which discourage perpetrators to misuse the financial system.

• Some of the best practices in banks that were discussed include unwrapping UBOsindependently for accounts whenever possible; remapping UBO with updation ofKYC; and finding the controllers in a trust, rather than just the trustees.

• The industry can benefit from collaboration to share UBO information and puttingin place certain common practices and standards, so that investors can get a morestreamlined experience. Partnering with technology companies to provide UBOinformation can be a way forward for this.

One of the biggest challenges for an AML Professional in the absence of data is to convince the business teams that the company can’t go ahead with a transaction

because of the lack of such data.- Jairam Manglani, Country FCC Head and MLRO, Standard Chartered Bank India

• Fake bills are generated in India by private players / cheque discounters (Angadias)and diverted via investments (Capital expenses) and cutbacks (High salaries to staff).

• Methods to identify fake bills include loan conditions, account statements, stockstatements, creditors/debtors list, transportation documents, invoices andsupporting documents, transfer of funds to other banks and mismatch in supportingdocuments.

• Challenges faced while curbing TBML are evaluating market price, detectingmultiple invoicing, detecting phantom shipping and identifying shell companies.

• Publicly available information can be utilised to counter-check the location of ships,details about transport vehicles, information on companies or GST details. Thisinformation can be incorporated into pre-processing checks for trade transactions.

Trade Based Money LaunderingSandeep Mehra, Chief of Internal Vigilance & Head CSIS, FIFC, Mumbai, Citibank

Financial Institutions should make use of the various available public

sources of information to help prevent TBML

activities.

Sandeep covered the regulatoryguidelines on monitoring end-use offunds, shared insights on how fakebills are generated, discussed bestpractices for verifying theauthenticity of transactions and bills,and shared guidance on how toovercome challenges in the area ofTrade Based Money Laundering(TBML).

Copyright Fintelekt 2019No part of this publication may be reproduced or transmitted in any form or by any means

without express written permission from the author.

Disclaimer:Views expressed in this publication do not necessarily represent the views of Fintelekt and the

information contained is only a brief synopsis of the issuesdiscussed herein. Fintelekt makes no representation as regards the accuracy and completeness of

the information contained herein and the same should not be construed as legal, business or technology advice. Fintelekt, the authors and publishers, shall not be responsible for any loss or

damage caused to any person on account of errors or omissions.

Fintelekt Advisory Services Pvt Ltd

401, One+, Survey No. 18/1, Off Pancard Club Road, Baner, Pune 411045, India

Tel: +91 9370078917Email: contact@fintelekt.com